IN THE CLAIMS : 

The following is a complete listing of the pending claims. 

1. (Original) A process of controlling a flow of data in a wireless network 
providing wireless access to the wireless network by wireless devices, said process 
comprising: 

receiving data from a wireless device by a network device, through one access 
point of a plurality of access points in communication with the network device, indicating 
a client identifier for the wireless device; 

forwarding the client identifier to an authentication server; 

mediating authentication of the wireless device with the authentication server; 

evaluating data packets received from portions of the wireless network and from 
the plurality of access points; and 

passing the received data packets to portions of the wireless network and to the 
plurality of access points, based on the evaluation of the received data packets; 

wherein the network device periodically polls for a status of the wireless device 
from the access point, and 

wherein the access points and the network device exchange information relating to 
configuration, status, and client session statuses of the access points through a messaging 
protocol. 
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2. (Original) A process as recited in claim 1, wherein said step of evaluating data 
packets comprises filtering of the received data packets, such that filtered data packets 
can be dropped to limit an effectiveness of a denial of service attack. 

3. (Original) A process as recited in claim 1, wherein said step of mediating 
authentication of the wireless device comprises restricting access to the wireless network 
by the wireless device based on a category of user determined from the client identifier. 

4. (Original) A process as recited in claim 3, wherein said step of restricting access 
to the wireless network is based on a type of device to which the wireless device belongs. 

5. (Original) A process as recited in claim 1, wherein said step of mediating 
authentication of the wireless device comprises restricting access to the wireless network 
by the wireless device based on an hour and a day of the week in which the data was 
received from the wireless device. 

6. (Original) A process as recited in claim 5, wherein said step of restricting access 
to the wireless network is based on at least one of a type of device to which the wireless 
device belongs and on a category of user determined from the client identifier. 
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7. (Original) A process as recited in claim 1, wherein said step of mediating 
authentication of the wireless device comprises restricting access to the wireless network 
by the wireless device based on a physical location of the one access point of a plurality 
of access points. 

8. (Original) A process as recited in claim 1, wherein said step of mediating 
authentication of the wireless device comprises restricting access to the wireless network 
by the wireless device based on a type of an application, running on the wireless device, 
seeking network access for the wireless device. 

9. (Original) A process as recited in claim 1 5 wherein said step of passing the 
received data packets comprises forwarding updates to software and configurations of the 
plurality of access points to the plurality of access points from a single site on the 
wireless network through a single update. 

10. (Original) A process as recited in claim 1, wherein coverage areas for at least 
two of the plurality of access points overlap and the process further comprises: 

monitoring usage by wireless devices of the at least two of the plurality of access 
points; and 
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prompting the at least two of the plurality of access points to change the usage by 
the wireless devices such that a load carried by the at least two of the plurality of access 
points is approximately balanced. 

11. (Original) A process as recited in claim 10, wherein load carried by the at least 
two of the plurality of access points is determined by at least one of a number of wireless 
devices using the at least two of the plurality of access points, a number of packets 
transmitted and received by the at least two of the plurality of access points and an 
average bandwidth carried by the at least two of the plurality of access points. 

12. (Original) A process as recited in claim 10, wherein load carried by the at least 
two of the plurality of access points is determined by at least one of priorities of packets 
recently transmitted and received by the at least two of the plurality of access points, a 
type of application running on the wireless devices and communicating with the at least 
two of the plurality of access points and a signal strength provided to the wireless devices 
provided by the at least two of the plurality of access points. 

13. (Original) A process as recited in claim 1, wherein said step of passing the 
received data packets comprises maintaining a priority indicated by the data packets and 
tagging the data packets with a priority tag to be evaluated by the access points. 
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14. (Original) A process as recited in claim 1 5 wherein said step of passing the 
received data packets comprises establishing a prioritization policy based on filtering of 
the data packets and tagging the data packets with a priority tag to be evaluated by the 
access points based on the established prioritization policy. 

15. (Original) A process as recited in claim 1, further comprising establishing a 
bandwidth usage policy for the wireless devices and instructing the plurality of access 
points to follow the established bandwidth usage policy. 

16. (Original) A process as recited in claim 1, further comprising: 

receiving a re-association request from a transferring wireless device through a 
new access point of the plurality of access points, where the transferring wireless device 
was previously associated with an old access point of the plurality of access points; 

providing session information for the transferring wireless device to the new 
access point; and 

updating a routing table with a routing location of the transferring wireless device. 

17. (Original) A process as recited in claim 16 3 further comprising encapsulating 
received data packets with Internet protocol information associated with the new access 
point and updating routing information in a local routing table. 
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18. (Original) A process as recited in claim 1, further comprising: 

receiving a re-association request from a transferring wireless device through a 
new access point of the plurality of access points, where the transferring wireless device 
was previously associated with an alternate access point in communication with the 
wireless network through an alternate network device; 

sending a request for configuration information for the transferring wireless device 
from the alternate network device; and 

forwarding access point configuration data, determined from the configuration 
information for the transferring wireless device received from the alternate network 
device, to the new access point. 

19. (Original) A process as recited in claim 1, wherein the wireless device is a 
wireless internet protocol phone, the client identifier is call setup data and said step of 
passing the received data packets comprises passing voice over internet protocol data 
packets to portions of the wireless network and to the plurality of access points, based on 
the evaluation of the received voice over internet protocol data packets. 

20. (Previously Presented) A process as recited in claim 19, wherein said step of 
evaluating data packets comprises: 

sending a call connected signal received from an Internet protocol phone gateway 
to the one access point; and 
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mediating a negotiation of network resources between the Internet protocol phone 
gateway and the wireless Internet protocol phone. 

21. (Original) A network device for controlling a flow of data in a wireless 
network providing wireless access to the wireless network by wireless devices, said 
network device comprising: 

receiving means for receiving data from a wireless device by the network device, 
through one access point of a plurality of access points in communication with the 
network device, indicating a client identifier for the wireless device; 

forwarding means for forwarding the client identifier to an authentication server; 

mediating means for mediating authentication of the wireless device with the 
authentication server; 

evaluating means for evaluating data packets received from portions of the 
wireless network and from the plurality of access points; and 

passing means for passing the received data packets to portions of the wireless 
network and to the plurality of access points, based on the evaluation of the received data 
packets; 

wherein the network device is configured to periodically poll for a status of the 
wireless device from the access point, and 
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wherein the access points and the network device exchange information relating to 
configuration, status, and client session statuses of the access points through a messaging 
protocol. 

22. (Original) A network device as recited in claim 21, wherein said evaluating 
means comprises filtering means for filtering the received data packets, such that filtered 
data packets can be dropped to limit an effectiveness of a denial of service attack. 

23. (Original) A network device as recited in claim 21, wherein said mediating 
means comprises restricting means for restricting access to the wireless network by the 
wireless device based on a category of user determined from the client identifier. 

24. (Original) A network device as recited in claim 23, wherein said restricting 
means is configured to restrict access based on a type of device to which the wireless 
device belongs. 

25. (Original) A network device as recited in claim 21, wherein said mediating 
means comprises restricting means for restricting access to the wireless network by the 
wireless device based on an hour and a day of the week in which the data was received 
from the wireless device. 
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26. (Original) A network device as recited in claim 25, wherein said restricting 
means is configured to restrict access based on at least one of a type of device to which 
the wireless device belongs and on a category of user determined from the client 
identifier. 

27. (Original) A network device as recited in claim 21, wherein said mediating 
means comprises restricting means for restricting access to the wireless network by the 
wireless device based on a physical location of the one access point of a plurality of 
access points. 

28. (Original) A network device as recited in claim 21, wherein said mediating 
means comprises restricting means for restricting access to the wireless network by the 
wireless device based on a type of an application, running on the wireless device, seeking 
network access for the wireless device. 

29. (Original) A network device as recited in claim 21, wherein said passing 
means comprises forwarding means for forwarding updates to software and 
configurations of the plurality of access points to the plurality of access points from a 
single site on the wireless network through a single update. 
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30. (Original) A network device as recited in claim 21, wherein coverage areas for 
at least two of the plurality of access points overlap and the network device further 
comprises: 

monitoring means for monitoring usage by wireless devices of the at least two of 
the plurality of access points; and 

prompting means for prompting the at least two of the plurality of access points to 
change the usage by the wireless devices such that a load carried by the at least two of the 
plurality of access points is approximately balanced. 

31. (Original) A network device as recited in claim 30, wherein load carried by the 
at least two of the plurality of access points is determined by at least one of a number of 
wireless devices using the at least two of the plurality of access points, a number of 
packets transmitted and received by the at least two of the plurality of access points and 
an average bandwidth carried by the at least two of the plurality of access points. 

32. (Original) A network device as recited in claim 30, wherein load carried by the 
at least two of the plurality of access points is determined by at least one of priorities of 
packets recently transmitted and received by the at least two of the plurality of access 
points, a type of application running on the wireless devices and communicating with the 
at least two of the plurality of access points and a signal strength provided to the wireless 
devices provided by the at least two of the plurality of access points. 
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33. (Original) A network device as recited in claim 21, wherein said passing 
means comprises maintaining means for maintaining a priority indicated by the data 
packets and tagging the data packets with a priority tag to be evaluated by the access 
points. 

34. (Original) A network device as recited in claim 21, wherein said passing 
means comprises establishing means for establishing a prioritization policy based on 
filtering of the data packets and tagging the data packets with a priority tag to be 
evaluated by the access points based on the established prioritization policy. 

35. (Original) A network device as recited in claim 21, further comprising 
establishing means for establishing a bandwidth usage policy for the wireless devices and 
instructing the plurality of access points to follow the established bandwidth usage 
policy. 

36. (Original) A network device as recited in claim 21, further comprising: 
second receiving means for receiving a re-association request from a transferring 

wireless device through a new access point of the plurality of access points, where the 
transferring wireless device was previously associated with an old access point of the 
plurality of access points; 
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providing means for providing session information for the transferring wireless 
device to the new access point; and 

updating means for updating a routing table with a routing location of the 
transferring wireless device. 

37. (Original) A network device as recited in claim 36, further comprising 
encapsulating means for encapsulating received data packets with Internet protocol 
information associated with the new access point and updating routing information in a 
local routing table. 

38. (Original) A network device as recited in claim 21, further comprising: 
second receiving means for receiving a re-association request from a transferring 

wireless device through a new access point of the plurality of access points, where the 
transferring wireless device was previously associated with an alternate access point in 
communication with the wireless network through an alternate network device; 

sending means for sending a request for configuration information for the 
transferring wireless device from the alternate network device; and 

second forwarding means for forwarding access point configuration data, 
determined from the configuration information for the transferring wireless device 
received from the alternate network device, to the new access point. 
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39. (Original) A network device as recited in claim 21, wherein the wireless 
device is a wireless internet protocol phone, the client identifier is call setup data and said 
step of passing the received data packets comprises passing voice over internet protocol 
data packets to portions of the wireless network and to the plurality of access points, 
based on the evaluation of the received voice over internet protocol data packets. 

40. (Original) A network device as recited in claim 39, wherein said mediating 
means comprises: 

sending means for sending a call connected signal received from an Internet 
protocol phone gateway to the one access point; and 

second mediating means for mediating a negotiation of network resources between 
the Internet protocol phone gateway and the wireless Internet protocol phone. 

41. (Withdrawn) A process of controlling a flow of data in a wireless network in 
an enterprise environment providing wireless access to the wireless network by wireless 
devices, said process comprising: 

receiving data from a wireless device by a network device, through one access 
point of a plurality of access points in communication with the network device, indicating 
a client identifier for the wireless device; 

forwarding the client identifier to an authentication server; 

mediating authentication of the wireless device with the authentication server; 
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evaluating data packets received from portions of the wireless network and from 
the plurality of access points; and 

passing the received data packets to portions of the wireless network and to the 
plurality of access points, based on the evaluation of the received data packets; 

wherein the network device periodically polls for a status of the wireless device 
from the access point, and 

wherein the access points and the network device exchange information relating to 
configuration, status, and client session statuses of the access points through a messaging 
protocol. 

42. (Withdrawn) A process as recited in claim 41, wherein said step of mediating 
authentication of the wireless device comprises restricting access to the wireless network 
by the wireless device based on a category of user within the enterprise environment 
determined from the client identifier. 

43. (Withdrawn) A process as recited in claim 42, wherein said step of restricting 
access to the wireless network is based on a type of device to which the wireless device 
belongs. 

44. (Withdrawn) A process as recited in claim 41, wherein said step of mediating 
authentication of the wireless device comprises restricting access to the wireless network 
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by the wireless device based on an hour and a day of the week in which the data was 
received from the wireless device. 

45. (Withdrawn) A process as recited in claim 44, wherein said step of restricting 
access to the wireless network is based on at least one of a type of device to which the 
wireless device belongs and on a category of user determined from the client identifier. 

46. (Withdrawn) A process as recited in claim 41, wherein said step of mediating 
authentication of the wireless device comprises restricting access to the wireless network 
by the wireless device based on a physical location within the enterprise environment of 
the one access point of a plurality of access points. 

47. (Withdrawn) A process as recited in claim 41, wherein coverage areas for at 
least two of the plurality of access points overlap and the process further comprises: 

monitoring usage by wireless devices of the at least two of the plurality of access 
points; and 

prompting the at least two of the plurality of access points to change the usage by 
the wireless devices such that a load carried by the at least two of the plurality of access 
points is approximately balanced. 
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48. (Withdrawn) A process as recited in claim 41, wherein said step of passing the 
received data packets comprises maintaining a priority indicated by the data packets and 
tagging the data packets with a priority tag to be evaluated by the access points. 

49. (Withdrawn) A process as recited in claim 41, further comprising: 
receiving a re-association request from a transferring wireless device through a 

new access point of the plurality of access points, where the transferring wireless device 
was previously associated with an old access point of the plurality of access points; 

providing session information for the transferring wireless device to the new 
access point; and 

updating a routing table with a routing location of the transferring wireless device. 

50. (Withdrawn) A process as recited in claim 49, further comprising 
encapsulating received data packets with Internet protocol information associated with 
the new access point and updating routing information in a local routing table. 

51. (Withdrawn) A network device for controlling a flow of data in a wireless 
network in an enterprise environment providing wireless access to the wireless network 
by wireless devices, said network device comprising: 



- 17- 



ApplicationNo.: 10/632,807 



receiving means for receiving data from a wireless device by the network device, 
through one access point of a plurality of access points in communication with the 
network device, indicating a client identifier for the wireless device; 

forwarding means for forwarding the client identifier to an authentication server; 

mediating means for mediating authentication of the wireless device with the 
authentication server; 

evaluating means for evaluating data packets received from portions of the 
wireless network and from the plurality of access points; and 

passing means for passing the received data packets to portions of the wireless 
network and to the plurality of access points, based on the evaluation of the received data 
packets; 

wherein the network device is configured to periodically poll for a status of the 
wireless device from the access point, and 

wherein the access points and the network device exchange information relating to 
configuration, status, and client session statuses of the access points through a messaging 
protocol 

52. (Withdrawn) A network device as recited in claim 51, wherein said mediating 
means comprises restricting means for restricting access to the wireless network by the 
wireless device based on a category of user within the enterprise environment determined 
from the client identifier. 

-18- Application No.: 10/632,807 



53. (Withdrawn) A network device as recited in claim 52, wherein said restricting 
means is configured to restrict access based on a type of device to which the wireless 
device belongs. 

54. (Withdrawn) A network device as recited in claim 51, wherein said mediating 
means comprises restricting means for restricting access to the wireless network by the 
wireless device based on an hour and a day of the week in which the data was received 
from the wireless device. 

55. (Withdrawn) A network device as recited in claim 54, wherein said restricting 
means is configured to restrict access based on at least one of a type of device to which 
the wireless device belongs and on a category of user determined from the client 
identifier. 

56. (Withdrawn) A network device as recited in claim 51, wherein said mediating 
means comprises restricting means for restricting access to the wireless network by the 
wireless device based on a physical location within the enterprise environment of the one 
access point of a plurality of access points. 
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57. (Withdrawn) A network device as recited in claim 51, wherein coverage areas 
for at least two of the plurality of access points overlap and the network device further 
comprises: 

monitoring means for monitoring usage by wireless devices of the at least two of 
the plurality of access points; and 

prompting means for prompting the at least two of the plurality of access points to 
change the usage by the wireless devices such that a load carried by the at least two of the 
plurality of access points is approximately balanced. 

58. (Withdrawn) A network device as recited in claim 51, wherein said passing 
means comprises maintaining means for maintaining a priority indicated by the data 
packets and tagging the data packets with a priority tag to be evaluated by the access 
points. 

59. (Withdrawn) A network device as recited in claim 51 ? further comprising: 
second receiving means for receiving a re-association request from a transferring 

wireless device through a new access point of the plurality of access points, where the 
transferring wireless device was previously associated with an old access point of the 
plurality of access points; 

providing means for providing session information for the transferring wireless 
device to the new access point; and 
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updating means for updating a routing table with a routing location of the 
transferring wireless device. 

60. (Withdrawn) A network device as recited in claim 59 3 further comprising 
encapsulating means for encapsulating received data packets with Internet protocol 
information associated with the new access point and updating routing information in a 
local routing table. 
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